ChanServ Information

Please direct any comments or feedback about this document (only! no help requests!) to docs@dal.net. If you need help on issues not covered in this document, please see the information at http://help.dal.net.

Introduction

ChanServ has been created in order to stop channel takeovers, automate channel management, and to make life easier for users in general.
Over the years many different commands have been added to ChanServ. These commands are discussed in this document.

ChanServ may be accessed through either /chanserv or /msg chanserv@services.dal.net. For the purpose of this document, we will use /chanserv as the command, however,
some IRC clients (e.g. BitchX) do not support /chanserv and you will have to use /msg chanserv@services.dal.net.

Information: The REGISTER command allows a user to register his/her channel (if it is not already registered) quickly and painlessly by typing one line.
In order to register a channel, the user must specify the channel, the password that he or she, and a short description of his channel.

Note: Under no circumstances should you give out the password to anyone. DALnet will NOT help with takeovers if you have shared your password. Also, try to make your password something that might be simple to you but would be hard for others to guess.

In order to find out if a channel is registered or not, type /chanserv info #channel, more on that later. Also, do not forget to use the # sign when registering a channel.

Example: /chanserv register #mystro m3dj35 My home online.

This would register the channel #mystro with the password m3dj35 (a pretty complex password for someone to just guess out of the blue) and the description "My home online."

Information: The identify command identifies the user as the founder of that channel and gives the user access to founder-based commands. You may also use /identify #channel password and /services identify #channel password (This may not work on some clients).

Information: The sendpass command allows the founder to have his channel password sent to the email address associated with the channel in the services database. Using that function, the founder may have his password sent to him incase of a lost/forgotten password. The foundernick for that channel must be identified before that command can be used.

Note: It is suggested that you set your email address to a permanent email address that will not change over time (not an email that came with your ISP, as you may change ISPs in the future). If your email is changed and you have lost your password, you will not be able to retrieve it.

Update: Previously, the current password of the channel was directly sent to your e-mail address. Effective immediately, the SENDPASS command will work as follows:

1. You will receive an E-Mail with an authorization code to confirm your request, which you'll have to act upon. The authorization code will be valid for 72 hours (3 days).

2. Upon completing the authorization as instructed, ChanServ will create a NEW, RANDOM PASSWORD for the channel, and will tell you the new password, as a response to your AUTH command.

Information: The command allows the founder to add or remove a SuperOP to the channel access list. The list command, however, can be accessed by AOps' and up.

Note: SOps have access to very important commands (AOp additions and removal, akick adittion/removal, etc...) and therefore should be picked very carefully. You may not have more than 100 SOps on ChanServ's access list. Wipe may only be used by founder.

Information: Akicks are Auto Kicks and may be added by a SOp or Founder; however only a founder may wipe akicks. Akicks can be added by nickname or hostname. Also, you may specify list patterns (*word*). Wipe may only be used by founder.

Information: This command is pretty simple, it allows you to op or deop a nickname in a channel without having to be opped or even be in the channel. You must be an AOp or higher in order to use this command.

Note: You may not deop someone who has higher ChanServ access than you

Information:
The MKick (Mass Kick) command is used in case of a desync (more information in the Netsplits document) in which case the channel has to be closed and reopened. This command evacuates a channel completely by kicking everyone out, banning *!*@* (everyone), setting mode +i (invite only) and +l 1. When MKICKing a channel, you cannot UNBAN or INVITE yourself back into the channel. This should only be used in a takeover situation.

Note:
Masskicks are limited to one an hour, and are only available to SOP's and Founders. The command may not be used if someone higher than you is in the channel. SOps can't mkick when the founder is present.

Information: The MDEOP command will deop everyone in the channel who have equal or less access in ChanServ than the person using the command. (e.g. AOps can only deop regular ops and other Ops, SOps can only deop other SOps, AOps and the regular ops.)

The SET command has many different arguments including FOUNDER, PASSWD, DESC, MLOCK, OPGUARD, KEEPTOPIC, URL, IDENT, RESTRICT and VERBOSE.
All these commands will modify and change how ChanServ acts in your channel and you should take some time to get familiar with them as they will help you in keeping your channel secure.

Note: To use the ChanServ SET command and its arguments, make sure you are identified as the channel founder (more below).

Information: This argument will change the password of the channel from an old password to a new password. It is a good idea to rotate your password once every few months to improve security (more on that in the Security section).

Note: You must identify to the channel before being able to use this command.

Information: The MLOCK command is one of the most important commands to maintain channel security. Below is a list of all the possible modes and what they do:

+R - Only registered nicks allowed. Very useful if you wish to stop clone attacks, since most clone attacks use unregistered nicks.

+n - No external messages. This option prevents people who are not in channel from sending messages to that channel.

+t - Only ops set topic. This command will make sure non-ops cannot change the topic of the channel. There are also a few ChanServ settings that can help with more specific topic settings (only SOps/AOps can change topic) , more on that below.

+s and +p - Both commands set the channel to be invisible in /list commands, but +s also sets it invisible in whois, both settigs are a good way to keep unwanted users out of channel.

+i - This option makes the channel closed to anyone unless an op invites them or they have ChanServ invite them using the /chanserv invite command.nnel has at a time, which is a good technique for clone protection. (More on that in the Security section).

+m - This option prevents anyone who is not voiced or OPed from talking in the channel.

+c - This option will disable any control codes (color, bold, underline, reverse) from being sent to the channel and will those messages. Also useful against clone attacks.

Information: If a channel becomes empty (last person leaves), ChanServ will save the topic if this option is set on so that next time someone comes in the topic will be recreated with the nick who set it.

Information: The ident argument regulates whether people can get opped in the channel automatically without having to identify (access list) or must identify. (Please see http://docs.dal.net/docs/nickserv.html#5 for more information on access lists).

Information: This command, when turned on, will not deop the first user to join the channel regardless of whether he is an op or not, if set off (as it is by default), it will deop anyone who is not AOp or higher. It is recommended you leave this setting untouched for security.

Information: This command, when turned on, will allow anyone on the founder's nick access list to make founder type changes to the channel. This may be a large security compromise if the founder does not have a very secure nickserv access list (please see the NickServ document for more information). It is suggested to leave this argument untouched.

Information: This setting, when turned on, will prevent the /chanserv invite command from being used. Only AOps and above will be able to see the channel topic when issuing /chanserv info #channelname. It will also allow only people who know about the channel to access it.

Information: This command allows the founder to manage who may send channel memos. When memo is set to none, no one can memo; when memo is set to AOp, all people on chanserv's access list may memo, when memo is set to SOp only founder and sops may memo and when the option is set to founder only the channel founder may send channel wide memos.

Information: This command allows the founder to set the successor for the channel in case the nickname of the founder expires. When and if the nickname expires the channel will be turned over to the successor with all rights and privileges of the founder. If you wish to disable the successor feature in your channel, use a hyphen ("-") instead of a nickname.
If the founder's nickname expires, and that channel has a successor, the following will occur:
A memo is sent to the channel's succesor with an AUTH code. The successor must use the AUTH code to authorize himself in the channel within ten (10) days. If the successor does so, a random password is generated that can be used to identify and become the founder. If the successors nick expires, or the successor doesnt take any action within ten (10) days, the channel expires as normal. A user can prevent himself from being added as a successor to a channel if he has enabled the NOOP option on his nickname (see http://docs.dal.net/docs/nickserv.html#6.7)

If you want to remove yourself as successor of a channel you can use the following command to do that

Syntax:/chanserv successor #channel DEL

Note: You must be using the Nickname that is listed as successor and you must be identified to it.

Example: /chanserv successor #DALnetHelp DEL

You can see in what channels you are listed as successor by going to http://users.dal.net. Log in with your registered nickname and password, then select from the navigation menu "DAL Channels" and then select the option "What channels am I Successor in?"

Information: When a founders nick expires, the successor will be sent an AUTH code by
MemoServ to gain access to the channel. If the first memo fails, the successor can
re-request the AUTH code to be sent to them again through memoserv using the command

Information: This command allows the founder to set the web password for his channel's website on the web (see the Webhosting Services document at http://docs.dal.net/docs/webhost.html for more information on channel websites).

Note: The password should be different from the password of the channel so that it may be given out to people in order to modify the website.

Information: This command allows the founder of a channel to turn on/off mailblock on his channel, by that enabling/disabling the option for the channel password to be sent to the email on file in case of a lost password.

Note: By enabling this command, the founder no longer has the option to retrieve his password incase it is lost/forgotten. The mailblock option should NOT be turned on unless the founder is absolutely sure that he is not going to forget/lose the password.

Information: The WHY command does the same thing as the ACC/ACCESS command, however it returns the status of the user in AOp/SOp/Founder form with no access level. It will also tell you when someone is using a different nickname what nickname he has access to that let him become opped. Also it tell you the status of the channel.

Note: You must be an AOp or higher to use that command

Example: /chanserv why #docsteam Zappu

Below is what you would receive from ChanServ

-ChanServ- Zappu has SOP access to #docsteam. Reason: Identification to the nickname Zappu. Channel Frozen: NO

Information The UNBAN command will unban all masks that match your nick!user@host if you do not specify a nickname. AOps may also unban a specific user or a host. SOps can unban everything by specifying the * sign instead of a nickname.

Now that you have gotten yourself familiarized with the ChanServ commands, it's time to move on to a very important topic: Channel Security.
Each day, many people join channels such as #operhelp in order to receive help with channel takeovers, forgotten passwords, etc...
Here are some tactics to help you fight all of the security problems.

1) Make your password use uppercase and lowercase letters, as well as numbers. This makes passwords much harder to guess.

2) NEVER EVER give out your password to anyone who you wouldn't trust with your life. DALnet does not help users who shared their password and later found it misused.

3) Add SOps very carefully. Also, add AOps very carefully. Don't add anyone who you don't know very well to the OP list.

4) Once the channel is registered , Chanserv set +nt-k as MLOCK ,So if you want to set a password for your Channel , you have to remove the -k from the MLOCK and keep the +nt for channel protection , Syntex of removal the MLOCK is : /chanserv set #channelname mlock +nt

5) Don't create an auto-identify script. If you do, make sure you don't give out the script with the auto identify or you may be in serious trouble.

Now that you are familiar with the ChanServ commands you're ready for the privileges and responsibilities of being a founder. You may also want to check out the NickServ documents for some information on the NickServ commands and settings.